diff options
| author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2017-07-03 14:29:04 +0200 |
|---|---|---|
| committer | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2017-07-27 15:49:25 +0000 |
| commit | a3bcd6d1e71e866fa96a40437aeff9a6e44c76a2 (patch) | |
| tree | dc41c0d0a24c20a60445f3158eebc1a8d00e609c | |
| parent | 3b42658836359a9b6b6e79bf5ba0e8adcae613c2 (diff) | |
cn unitdata: verify correct remote addr
When receiving unitdata from the CN, verify that it is indeed coming from the
remote address that matches our CS/PS domain settings.
This patch came from an earlier stage where the is_ps out-parameter was
actually used. While it currently isn't, it doesn't hurt to leave it there.
Change-Id: I7190b4c3a05e8bac0eeffa1eab18c9e47429cb17
| -rw-r--r-- | src/hnbgw_cn.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/hnbgw_cn.c b/src/hnbgw_cn.c index 8124ce5..e967260 100644 --- a/src/hnbgw_cn.c +++ b/src/hnbgw_cn.c @@ -240,6 +240,31 @@ static int handle_cn_ranap(struct hnbgw_cnlink *cnlink, const uint8_t *data, return rc; } +static bool pc_and_ssn_match(const struct osmo_sccp_addr *a, const struct osmo_sccp_addr *b) +{ + return (a == b) + || ((a->pc == b->pc) + && (a->ssn == b->ssn)); +} + +static int classify_cn_remote_addr(const struct hnb_gw *gw, + const struct osmo_sccp_addr *cn_remote_addr, + bool *is_ps) +{ + if (pc_and_ssn_match(cn_remote_addr, &gw->sccp.remote_addr_cs)) { + if (is_ps) + *is_ps = false; + return 0; + } + if (pc_and_ssn_match(cn_remote_addr, &gw->sccp.remote_addr_ps)) { + if (is_ps) + *is_ps = true; + return 0; + } + LOGP(DMAIN, LOGL_ERROR, "Unexpected remote address, matches neither CS nor PS address: %s\n", + osmo_sccp_addr_dump(cn_remote_addr)); + return -1; +} static int handle_cn_unitdata(struct hnbgw_cnlink *cnlink, const struct osmo_scu_unitdata_param *param, @@ -251,6 +276,9 @@ static int handle_cn_unitdata(struct hnbgw_cnlink *cnlink, return -1; } + if (classify_cn_remote_addr(cnlink->gw, ¶m->calling_addr, NULL) < 0) + return -1; + return handle_cn_ranap(cnlink, msgb_l2(oph->msg), msgb_l2len(oph->msg)); } |